[
https://issues.apache.org/jira/browse/KNOX-3040?focusedWorklogId=923352&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-923352
]
ASF GitHub Bot logged work on KNOX-3040:
----------------------------------------
Author: ASF GitHub Bot
Created on: 13/Jun/24 15:34
Start Date: 13/Jun/24 15:34
Worklog Time Spent: 10m
Work Description: moresandeep merged PR #916:
URL: https://github.com/apache/knox/pull/916
Issue Time Tracking
-------------------
Worklog Id: (was: 923352)
Time Spent: 40m (was: 0.5h)
> Support multiple ways to verify JWT tokens
> ------------------------------------------
>
> Key: KNOX-3040
> URL: https://issues.apache.org/jira/browse/KNOX-3040
> Project: Apache Knox
> Issue Type: Bug
> Reporter: Sandeep More
> Assignee: Sandeep More
> Priority: Major
> Fix For: 2.1.0
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> Currently we can only have one way to validate JWT token either
> # Using JWKS endpoint
> # Using PEM
> # Using the signing-key
> We should be able to support multiple verifications together.
> This is an example configuration
> {code:java}
> <provider>
> <role>federation</role>
> <name>JWTProvider</name>
> <enabled>true</enabled>
> <param>
> <name>knox.token.use.cookie</name>
> <value>true</value>
> </param>
>
> <param>
> <name>knox.token.jwks.url</name>
> <value>https://my.idp.com/oauth/.wellknown</value>
> </param>
> <param>
> <name>knox.token.verification.pem</name>
>
> <value>MIIDaDCCAlCgAwIBAgIJAKFjn6W+gdAXMA0GCSqGSIb3DQEBBQUAMF8xCzAJBgNVBAYTAlVTMQ0wC...</value>
> </param>
> <param>
> <name>jwt.expected.issuer</name>
> <value>https://my.idp.com/</value>
> </param>
> <param>
> <name>knox.token.use.cookie</name>
> <value>true</value>
> </param>
> </provider>
> {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
